CVE Alert: CVE-2025-53043 – Oracle Corporation – Oracle Product Hub
CVE-2025-53043
Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite (component: Item Catalog). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Product Hub. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Product Hub accessible data as well as unauthorized access to critical data or complete access to all Oracle Product Hub accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).
AI Summary Analysis
Risk verdict
High risk: a remote, network-accessible vulnerability with low privileges could be exploited with no user interaction; urgency depends on KEV/EPSS status, which isn’t provided, so treat as high-priority remediation pending those indicators.
Why this matters
Successful exploitation allows unauthorised creation, deletion or modification of critical Product Hub data, with potential data exfiltration or integrity breaches across the repository. In organisations relying on Oracle Product Hub for item catalog management, this can disrupt procurement, inventory control and reporting, creating operational risk and compliance concerns.
Most likely attack path
The attacker needs network access to the E-Business Suite web tier over HTTP and a valid low-privileged account (PR:L); no interaction by any victim user is required (UI:N), so "no authentication" is not the case, only that a low-privileged login suffices. Network vector, low attack complexity and no user interaction mean the attack can be fully scripted, and the high confidentiality and integrity impact means a single compromised, insider or integration account can read or alter any data Product Hub can reach. Scope is unchanged (S:U), so the flaw itself does not grant access outside the Product Hub component; any further movement would rely on the data and credentials it exposes rather than on the vulnerability.
Who is most exposed
Organisations running Oracle E-Business Suite 12.2.3–12.2.14 with Oracle Product Hub (Item Catalog) in use, typically on-premises or in data-centre deployments reachable from internal or VPN networks. Because only a low-privileged account is needed, every user who can log in to the instance, including contractors and integration accounts, is a potential attacker.
Detection ideas
- Unusual HTTP requests targeting item catalog endpoints outside normal maintenance windows.
- Create/delete/modify events detected in audit logs without corresponding valid workflows.
- Privilege-escalation attempts or anomalous privilege use on catalog management accounts.
- Sudden spikes in inventory/catalog changes or mass item updates.
- WAF/IPS alerts on repeated access to catalog APIs.
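The following Python script is an added example (not part of the original alert and not Oracle tooling) showing how the first, second, fourth and fifth detection ideas above could be run over Oracle HTTP Server access-log lines and item audit events. The log lines and audit events are constructed samples; the `/OA_HTML/...apps/ego/...` path pattern, the `EgoItem...PG` page names, the thresholds and the sliding windows are assumptions standing in for the catalog pages and baselines of a real instance.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Apache/OHS "combined" access-log line: client, ident, auth user, timestamp,
# request line, status, bytes, referer, user agent.
_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<agent>[^"]*)"$'
)
# Assumption: catalog pages are served under /OA_HTML/ and carry the EGO
# (Product Hub) application path; adjust to the pages your instance exposes.
_CATALOG = re.compile(r"/OA_HTML/.*apps/ego/", re.IGNORECASE)
_WRITE = {"POST", "PUT", "DELETE"}
_BROWSER = re.compile(r"^Mozilla/")

# Constructed sample lines, not real traffic: one scripted burst of catalog
# writes from 10.20.30.5 and ordinary browser use from 10.20.40.9.
SAMPLE_ACCESS_LOG = """\
10.20.30.5 - - [12/Aug/2025:02:14:01 +0000] "POST /OA_HTML/OA.jsp?page=/oracle/apps/ego/item/eu/webui/EgoItemUpdatePG HTTP/1.1" 200 5120 "-" "python-requests/2.32"
10.20.30.5 - - [12/Aug/2025:02:14:03 +0000] "POST /OA_HTML/OA.jsp?page=/oracle/apps/ego/item/eu/webui/EgoItemUpdatePG HTTP/1.1" 200 5098 "-" "python-requests/2.32"
10.20.30.5 - - [12/Aug/2025:02:14:05 +0000] "POST /OA_HTML/OA.jsp?page=/oracle/apps/ego/item/eu/webui/EgoItemUpdatePG HTTP/1.1" 200 5101 "-" "python-requests/2.32"
10.20.40.9 - - [12/Aug/2025:09:00:00 +0000] "GET /OA_HTML/OA.jsp?page=/oracle/apps/ego/item/eu/webui/EgoItemSearchPG HTTP/1.1" 200 18320 "-" "Mozilla/5.0 (Windows NT 10.0) Firefox/128.0"
10.20.40.9 - - [12/Aug/2025:09:05:12 +0000] "POST /OA_HTML/OA.jsp?page=/oracle/apps/ego/item/eu/webui/EgoItemUpdatePG HTTP/1.1" 200 5122 "-" "Mozilla/5.0 (Windows NT 10.0) Firefox/128.0"
10.20.40.9 - - [12/Aug/2025:09:06:40 +0000] "POST /OA_HTML/RF.jsp?function_id=1234 HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Windows NT 10.0) Firefox/128.0"
"""


def parse_access_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = _LINE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec


def _has_burst(stamps, n, window):
    """True if any n consecutive timestamps fall within the window."""
    stamps = sorted(stamps)
    return any(stamps[i + n - 1] - stamps[i] <= window
               for i in range(len(stamps) - n + 1))


def catalog_write_findings(lines, burst=3, window=timedelta(minutes=5)):
    """Flag sources that write to catalog pages with a non-browser user agent
    (scripted access) or that send a burst of catalog writes in the window."""
    per_ip = defaultdict(list)
    scripted = []
    for line in lines:
        rec = parse_access_line(line)
        if rec is None or rec["method"] not in _WRITE or not _CATALOG.search(rec["path"]):
            continue
        per_ip[rec["ip"]].append(rec["ts"])
        if rec["status"] < 400 and not _BROWSER.match(rec["agent"]) and rec["ip"] not in scripted:
            scripted.append(rec["ip"])
    findings = [(ip, "scripted catalog write") for ip in scripted]
    findings += [(ip, "catalog write burst")
                 for ip, stamps in per_ip.items() if _has_burst(stamps, burst, window)]
    return findings


# Constructed item audit events (field names are assumptions): an integration
# account changing five items in under two minutes with no change ticket, and
# a product manager making two referenced changes.
_T0 = datetime(2025, 8, 12, 2, 14, tzinfo=timezone.utc)
SAMPLE_AUDIT_EVENTS = [
    {"ts": _T0 + timedelta(seconds=20 * i), "user": "APPS_INTEG",
     "action": "UPDATE", "item": f"ITM-{1000 + i}", "change_ref": None}
    for i in range(5)
] + [
    {"ts": _T0 + timedelta(hours=7), "user": "PRODMGR1",
     "action": "UPDATE", "item": "ITM-2001", "change_ref": "CHG0012"},
    {"ts": _T0 + timedelta(hours=7, minutes=2), "user": "PRODMGR1",
     "action": "CREATE", "item": "ITM-2002", "change_ref": "CHG0012"},
]


def bulk_change_findings(events, threshold=5, window=timedelta(minutes=10)):
    """Flag users whose unreferenced item create/update/delete events reach
    the threshold inside the sliding window (mass changes outside a workflow)."""
    per_user = defaultdict(list)
    for e in events:
        if e["action"] in {"CREATE", "UPDATE", "DELETE"} and not e.get("change_ref"):
            per_user[e["user"]].append(e["ts"])
    return [(user, "bulk item changes without change reference")
            for user, stamps in per_user.items() if _has_burst(stamps, threshold, window)]


if __name__ == "__main__":
    for f in catalog_write_findings(SAMPLE_ACCESS_LOG.splitlines()):
        print("access-log:", f)
    for f in bulk_change_findings(SAMPLE_AUDIT_EVENTS):
        print("audit:", f)
```

Tune the burst and threshold values against a week of normal catalog traffic before alerting on them; the point of the example is the shape of the check (write method, catalog path, per-source rate, user agent, and audit events without a change reference), not the numbers.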
Mitigation and prioritisation
- Apply the fix from the Oracle Critical Patch Update that addresses CVE-2025-53043 to all affected 12.2.3–12.2.14 instances; coordinate with change management and test in a staging environment first.
- Restrict exposure: keep the E-Business Suite web tier off the internet and reachable only from trusted networks or VPN, and review which accounts hold Product Hub responsibilities, since a low-privileged login is all the attacker needs. TLS and blocking unauthenticated requests are good hygiene but do not address this flaw, because the attacker authenticates with valid credentials.
- Implement compensating controls: disable or tightly gate catalog write endpoints; enforce least privilege; require approved change workflows.
- Enhance monitoring: enable detailed catalog audit logs, alert on bulk changes, and correlate with SIEM.
- Note: KEV/EPSS data not provided; if KEV true or EPSS ≥ 0.5, treat as priority 1.